China cyber-warfare translation

Computer Security

The Dragon and the Computer: Chinese Cyber-Warfare

By: Paulo Shakarian, Posted on: July 31, 2013 Comments: 0

Dear Readers,

I’m happy to be writing for Elsevier’s new blog to introduce the book Introduction to Cyber-Warfare: A Multidisciplinary Approach that I wrote with my wife Jana and our good friend Andrew Ruef.  The book is designed to introduce the reader to this new domain of warfare through a series of case studies. This is much the way I learned about conventional military operations through my military training – and why there are so many good books on military history.  Jana, Andrew, and I felt that there should be a similar “military history” for cyber-war – so we hope this can help fill that void.

Many people have asked us what we thought about In the light of recent news stories about China engaging in cyber-warfare, particularly regarding intellectual property theft.  So, in talking with the good folks at Elsevier, we want answer some of those questions -  while giving you a taste of this new book.

The following article is an excerpt from the new book Introduction to Cyber-Warfare: A Multidisciplinary Approach published by Syngress, an imprint of Elsevier. Order your copy now and save 30%! Just enter discount code “SYN30” at checkout.

The Dragon and the Computer: Why Intellectual Property Theft is Compatible with Chinese Cyber-Warfare Doctrine

By Paulo Shakarian, Jana Shakarian, and Andrew Ruef

Abstract: Along with the USA and Russia, China is often considered one of the leading cyber-powers in the world. In this exerpt, we explore how Chinese military thought, developed in the 1990’s, influenced their cyber-operations in the early 2000’s. In particular, we examine the ideas of Unrestricted Warfare and Active Offense and discuss how they can permit for the theft of intellectual property.  We then specifically look at how the case study of Operation Aurora – a cyber-operation directed against many major U.S. technology and defense firms, reflects some of these ideas.

Over the past five years, the news media is seemingly littered with alleged Chinese cyber-incidents. These activities have included instances of theft of guarded scientific data,  monitoring of communication of the Dalai Lama, and theft of intellectual property from Google. In a testimony to the Congressional Armed Services Committee, General Keith Alexander, the commander of U.S. Cyber Command and head of the National Security Agency (NSA), stated that China is stealing a “great deal” of military-related intellectual property from the U.S. Clearly, cyber-espionage, which includes the theft of intellectual property, is already a key component of Chinese cyber-strategy.  The recently released report by the security firm Mandiant provides technical analysis leading to the conclusion that an organization within the People’s Liberation Army (Unit 61398) has been responsible for a great deal of cyber-espionage against English-speaking countries. In this paper, we highlight some of the relevant Chinese doctrine that we believe led to organizations like Unit 61398 and others.

++++

The activities of exfiltration, monitoring, and theft of digital information described here can be easily labeled as incidents of cyber-espionage. The apparent goal of this type of cyber-operation is not to take the computers offline or destroy the data that they contain but rather to capture data of the opposing force. This being the case, such activities could not be labeled as cyber-attacks, because the targeted systems and their data must remain intact in order to obtain the desired data. Hence, we can define cyber-espionage as the act of obtaining access to data from a computer system without the authorization of that system’s owner for intelligence collection purposes.

11:52 -- next

However, like incidents of computer network attack, these incidents of cyber-espionage too are notoriously difficult to attribute. What then, leads us to believe Chinese involvement in the cyber-espionage incidents? If attribution is so difficult, then why do these actions cause corporations like Google and Northrop Grumman, as well as high-level diplomats such as U.S. Secretary of State Hilary Clinton to issue strong statements against the Chinese government in the wake of such attacks? The issue lies in the origin of the incidents. Often computers involved with the theft of digital information are traced back to networks that are located on the Chinese mainland. Further, forensic analysis of malware from such incidents often indicates the use of Chinese-language software development tools. Though it is virtually impossible to implicate the government of the People’s Republic of China (PRC) in these cyber-espionage actions, the fact that they can be consistently traced to the Chinese mainland raises serious policy questions. Is the Chinese government conducting active investigations against the hackers, and what legal actions are they taking once hackers are identified? Is the Chinese government transparently sharing information of these supposed investigations with the victims of the cyber-espionage? What legal actions is Beijing taking to prevent individual hackers from attacking organizations outside of China? These questions must be given serious consideration in the wake of attempted cyber-espionage to when there is evidence of Chinese origin… [Click here to read the full except as a PDF]

Also note that this excerpt is also available in the Spanish language, courtesy of the U.S. Air Force.

Additional Reading from Elsevier Connect: China and Cyberwarfare — Insights from a Military Computer Scientist

About the Author:

Paulo Shakarian, Ph.D. is a Major in the U.S. Army and an Assistant Professor of Computer Science at the U.S. Military Academy (West Point) teaching classes on computer science and information technology as wells as conducting research on cyber-security, social networks, and artificial intelligence. He has written over twenty papers published in scientific and military journals. Relating to cyber-warfare, he has written the paper “Stuxnet: Cyberwar Revolution in Military Affairs” published in Small Wars Journal and “The 2008 Russian Cyber-Campaign Against Georgia” published in Military Review.

His scientific research has also been well received, featured in major news media such including The Economist and Nature. Previously, he has authored Geospatial Abduction: Principles and Practice published by Springer.

Paulo holds a Ph.D. and M.S. in computer science from the University of Maryland, College Park, a B.S. in computer science from West Point, and a Depth of Study in Information Assurance also from West Point. Paulo has served two combat tours in Operation Iraqi Freedom. His military awards include the Bronze Star, Meritorious Service Medal, Army Commendation Medal with Valor Device, and Combat Action Badge. Learn more about Paulo, at his website.

The opinions in this article are solely those of the author and do not necessarily reflect the opinions of the US Military Academy, the US Army or the Department of Defense.

***

计算机安全

华人与计算机:中国计算机网络战争.

作者:Paulo Shakarian

出版日期:2013年7月31日

亲爱的读者,

我非常高兴在 Elsevier 的新博客中写一个关于网络战争的介绍：我和我的妻子 Jana 还有我们的好朋友 Ruef通过一种综合的研究方法来完成它。这本书的初衷是通过一系列的研究展现一个新的领域的战争网络战争。我了解传统军事行动最常规、最有效的方式是通过军事训练-这就是为么会有如此多的书籍是关于历史军事的。Jana，Andrew 和我觉得网络战争历史上的其他战争一样，所以我们希望这本书能够填补这一空白。

许多人会问我们对于最近比较热的关于中国从事网络战的新闻，特别是关于知识产权的盗窃。所以，在和 Elsevier 博客上的网友聊天时，我们想要回答一些关于这方面的问题-让你了解这本新书。

下列的文章是介绍这本关于网络战争的新书的摘录：一种多学科的方法被Syngress公布，Elsevier 的版本说明。马上订购你的副本可以打3折！只要进入点击‘SYNS30’就可以付款了。

华人与计算机：为什么知识产权盗窃和中国的网络学说是兼容的。

作者：Paulo Shakarian, Jana Shakarian, and Andrew Ruef

摘要：继美国和俄罗斯之后，中国通常被认为是世界上网络权利的引领者之一。在本文中，我们探索中国军方的想法，于20世纪90年×××发的，影响了他们21世纪初期的网络操作。特别是，我们探究他们超限战和主动进攻的想法，我们也讨论了他们如何允许知识产权盗窃。我们之后特别关注极光行动的案列研究-一个网络操作直接对抗了许多美国的权益，如：科学技术和辩护律师事务所，反映出一些这样的思想。

过去五年里，一些新闻媒体报道了看似散落涉嫌中国的网络事件。这些活动包括盗窃把守的科学数据的实例，监测达赖喇嘛的通信，盗窃谷歌的知识产权。在国会武装部队委员会的证词中，基思·亚历山大将军，美国国家安全局网络司令部(NSA)负责人。他指出中国从美国偷了‘许多’与军事有关的知识产权。明确的网络间谍活动，包括盗窃知识产权，这已经成为中国网络策略的关键组成部分。最近安全公司Mandiant发布的报告提供了技术分析指向这个结论，一个组织隶属于解放军(61398 部队)已经从事了大量的军事间谍活动来对抗母语为英语的国家。本书，我们特别强调中国一些相应的学说，我们相信它导致了像61398部队或其他类似的组织的出现。

渗出的活动，监听，盗窃的数据信息，可以描述为一些能够被很容易标记为实施网络间谍活动的事故。他们明显的目标不是让计算机下线或摧毁计算机内的数据，而是捕获他们的反对力量的数据。在这种情况下，这些活动不能被标记为网络***，因为目标系统和它的数据必须保持完整为了获取他们所需的数据。故，我们可以定义网络间谍活动为：为了获从计算机系统获取数据而不经过计算机系统拥有者授权的收集情报的行为。

无论如何，像计算机网络***事件，网络间谍活动也一样，众所周知很难鉴定它的归属。那么，是什么导致我们相信中国参与网络间谍活动？如果归属如此的困难，那么，为什么谷歌公司和诺斯罗普·格鲁门公司，高级别外交官，例如美国国务卿希拉里·克林顿发出强硬的声明谴责中国政府在唤醒在这些***？这个声明罗列了事件起源，大多数计算机***事件涉及窃取数据信息通过网络追踪表明***源来自中国大陆。更近一步，通过分析这些***事件中的恶意软件会发现这些软件的开发工具是中文的。所以这几乎不可能连累×××政府涉及网络间谍活动，事实上他们可以始终追溯到中国大陆加重重的政治危机。中国政府在进行反***调查吗，那么，什么样法律的行为被确定为***所为？中国政府是否和网络间谍活动的受害者透明共享应该调查的这些信息？什么法律行动将被北京采取采取防止中国以外的进攻组织的个别***？这些问题必须给予认真的考虑，原产于中国的证据表明在企图唤醒网络间谍活动。

同时也说明这些摘抄有来自西班牙的，有来自由美国空军的。

其它阅读链接：从军事的计算机科学家眼中透视中国网络战。

关于作者：

Paulo Shakarian, Ph.D. 是一个美国陆军少校和计算机科学助理教授，主要教授计算机科学与技术，同时也研究网络安全、社交网络和人工智能。他已经写了超过20本书发表于科学和军事刊物。涉及到网络战争，他已经写了名为《Stuxnet蠕虫：网络战军事事务革命》发表于小型战争报和《2008年俄罗斯对格鲁吉亚的网络活动》发表于军事评论。

他科学的研究的到了很好的回报，特色在于各大新闻媒体包括经济学家和自然的研究。先前，他撰写地理空间：由Springer出版的原理与实践。

Paulo holds a Ph.D. and M.S. 从事计算机科学，马里兰大学，学院公园，西点军校的一个计算机科学理学士，深入研究信息安全保障。在“伊拉克自由行动”担任两个作战旅的旅长，他的部队得过包括:铜星奖章、荣誉奖章、军队嘉奖奖章和华尔莱科技设备和和作战行动徽章。了解更多关于Paulo，请访问他的网站。

在这篇文章中的观点仅是作者，并不一定反映了美国军事学院，美国陆军或国防部的意见。